Joseph Hinkle at MyITForum.com

The Microsoft RDP Client for Mac update went official today. Download here.

This hit a few weeks ago, but I just got back to it. Funny stuff.

World of World of Warcraft

I've been thinking about getting an Amazon Kindle. It's driven mostly on the portability The book prices are a fairly compelling argument as well, since business books tend to be fairly expensive for the amount of content. My biggest problem is that I haven't actually seen one yet. It probably won't stop me from getting one in the end. Have any of you seen one? Owned one?

Garth mentioned that he was running Vista 64 on his laptop. I've been running it on my Latitude D531 for the last month or so with few issues. I had some initial touchpad driver issues, but I found a driver for the 630 that would work on Vista x64. Cisco doesn't have a full VPN client, but the AnyConnect SSL VPN client works well.

On the bright side, it performs well compared to Vista32. I haven't run XP64 to see if it performs better or worse though. I have the RAM maxed out at 4GB, so it's nice to get the full compliment when running VMWare Workstation on it.

Scooby Doo can get behind the wheel again in Florida.

Not in real life, of course. The talking dog doesn't exist. But opponents of a bill to let Georgia's habitual traffic violators take court-ordered driving classes online signed the cartoon canine up for an Internet course in Florida, which has a similar law.

Ruh-roh. Not only did he pass, Doo got a certificate.

The stunt was pulled by Driving Educators of Georgia, a statewide association of driving schools trying to persuade Gov. Sonny Perdue to veto the legislation known as HB 1027. The group argues such a system would make it easier for reckless drivers to get their licenses back. It also would be prone to fraud, the group says.

[From Foes of Web driving class get Scooby Doo certified | ajc.com]

At least he gave me credit this year. At the bottom. Next year, I expect a general pronouncement of my greatness at the top of the document. It's the least you could do.

:)

I've been using Xobni for a couple of days and I'm really impressed. I'm a statistics junkie about stuff that I do, so email statistics are just fantastic. The search engine is nice, but the forwarding and reply controls from the Xobni bar make that much more valuable. It does duplicate some of the functionality that was introduced in Outlook 2007, so it you already are using 2007, it isn't as mind-blowing as it would be on 2003.

That said, statistics rule, therefore Xobni rules. People are ranked by the number of emails sent to and received from them, thought it seems that sent counts more than received. The Xobni Analytics feature is fantastic. It gives views on email by time of day and some other neat layers that I can't remember right now. Good stuff.

Outlook contact information is integrated, but Global Address List contact information, like phone numbers, is not integrated. There may be a way, but I haven't found it yet.

Give it a try if you haven't already.

I stopped subscribing to discussion lists long ago, but I decided to try it again with MyITForum. I was apparently missing something the last seven years.

Brian mentioned Xobni a few weeks ago. I just hopped over to the site and noticed that it isn't invite only anymore. I'll give it a try at work tomorrow.

Run out right now and download Wise Package Studio 7 SP3. You know you want to.

The second sentence is a little scary, isn't it.

Wise has announced the availability of WPS 7 SP3. You can get a copy from the License Management Portal.

It will also be available in a couple of weeks from the Wise download page when the guys who administer this site return from a sales conference.

[From Wise Package Studio 7 SP3 | Altiris Juice]

If you use Last.FM, Soundamus generates and RSS feed of upcoming releases from the artists that you listen to. Interesting stuff.

I just realized that I missed the Service Manager session. Did anyone go and take notes?

I was having this problem on my home computer. Yeah. that's it.

SYMPTOMS
Consider the following scenario:
• You have a multiprocessor computer that is running Windows Vista or Windows XP.
• The computer has exactly 32 processors.
• You resume the computer from hibernation (S4).
In this scenario, the computer stops responding on a black screen.

[From A multiprocessor computer that is running Windows Vista or Windows XP stops responding on a black screen after you resume the computer from hibernation]

My wife found this at Walgreens. Her response: "I caught you a delicious bass".

Sorry the picture isn't bigger.

Interesting trend in music.

In the spirit of Las Vegas, I present Casino News! I'm not terribly surprised. We walked past the Tropicana last week and it looked like it had gone down-hill a lot since my first MMS.

The owner of Tropicana casinos in Atlantic City and Las Vegas filed for Chapter 11 bankruptcy protection Monday, nearly five months after New Jersey regulators stripped the Tropicana Casino and Resort of its license.

[From The Associated Press: Tropicana Entertainment to file for Chapter 11 protection]

My Enterprise Agreement was accepted by Microsoft today. I can actually deploy ConfigMgr now!

An excerpt from an email I had to write tonight, explaining why some folks in my group spent way too much time trying to do something that could have been solved for $1500.

Macintosh computers can access Windows file shares in a variety of ways. For many years, Macs communicated to all network shares using AFP, or Apple Filing Protocol. As such, Microsoft developed what is now known as Windows Services for Macintosh. Windows Services for Macintosh adds AFP support to Windows 2000 Server and Windows 2003 Server. This implementation, based on AFP 2.2, has several limitations, including a 31 character file names, 65,536 files per volume, as well as a 2TB volume size. Windows Services for Macintosh also requires an index to be built when a server is restarted and at other times through the life of the volume. Our Mac-specific volumes are shared using Windows Services for Macintosh.


The location was experiencing an issue where the index was not properly being rebuilt, due to the size and number of files in the share. This was preventing the plant from mounting the volume properly on the Macs using AFP. When mounted using SMB, the Windows file sharing protocol, additional detail was lost. This detail is stored as a resource fork that is automatically "joined" with the original file using AFP.

There is a lot more than that, but that generally details the problem. Group Logic has a product named ExtremeZ-IP that fixes many of the limitations of the Microsoft implementation of the older version of AFP. It does it by implementing the latest version (of course). It will also support Windows Server 2008 shortly.

In case you missed it, a Vista roundtable hosted by Mark Russinovich. I'm most of the way through it. It's good, but not terribly surprising.

Still undecided about Windows Vista? Join Mark Russinovich and a panel of experts for a discussion on adopting Windows Vista into a desktop infrastructure. The panel features subject-matter experts and IT pros from around the world who have tackled Windows Vista deployment—hear about the challenges, workarounds, and tips & tricks they have learned along the way.

[From Springboard Live #1]

I found out that the problem is when you do the XP Sp3 slipstream process on a WIndows Vista machine, the API gives a different response and screws up the PID process. This is a bug and Microsoft knew about this in December, still the bug remained and made it all the way to RTM, nice work Microsoft. So XP SP slipstream only on XP or 2003 machines!!!

Neat. I wish I had this a couple of years afo.

HP SoftPaq Download Manager provides a simple, powerful way to download software updates for the HP client PC models in your environment. HP SDM can significantly reduce the amount of time it takes to locate and download updates. SoftPaqs can be downloaded in as few as three easy steps from a single user interface after initial setup.

[From HP SoftPaq Download Manager]

I'm glad to see everyone made it home safe and sound. I have a couple of funny things to post later, but for now, it is time to sleep. The conference was great this year, especially the 'Advanced OS Deployment' and 'Configuration Manager Installation' sessions. As always, it was well worth the trip.

Presented by Jason Leznek and Lilia Gutnik. Props to Lilia for mentioning XKCD. She seems almost as sarcastic as the comic. Not that I know anything about sarcasm.

• What are group policy preferences?
  • Acquired Desktop Standard in Oct 2006
  • GPOVault - Advanced Group Policy Management - MDOP
  • PolicyMaker - managing clients through group policy - a component of GPMC in Windows Server 2008 and also part of Remote Server Administration Tools
  
  
• Where can I manage GPP?
  • Windows Server 2008
  • Vista SP1 with rSAT
  
  
• What can GPP manage?
  • Windows Server 2008
  • Client Side Extensions for Vista RTM+, Server 2003 SP1, XP SP2+
  
  
• What do GPPs do?
  • Preferences are not true policy - set defaults
  • Not limited to policy-aware settings
  • Better admin UI
  • Better targeting
  
  
• Policies vs prefrences
  • Policy - Admin sets and locks user out - highest precedence - specific registry keys
  • Preferences - user may change - apps don't have to be policy aware - can be pulled back if it fall out of scope
  
  
• Precedence - LSDOU - Computer beats users, policies beat preferences, Client-side extension process order
• More settings are available - Control Panel: Folder options, scheduled tasks, services, power options; Windows Settings: drive maps, folders, shortcuts, registry keys, applications
• UI is same as end-user - looks like the appropriate dialog
• Better targeting - Can target individual computers, IP range, time, OS, free space, etc
• Added drag and drop and multiple instance support
• New settings can create, replace, update, or delete - Can be set to apply once and not to reapply
• Can control local admin group on a user by user basis
• Report - all included, including targeting criterion - GPResults shows winning items, but doesn't necessarily reflect final settings

The official title is "Unfogging the future - Making Windows Vista application compatiblity, testing, mitigation, and packaging more predeictable with effective project management"

Presented by Chris Jackson and Jeremy Chapman

http://blogs.msdn.com/cjacks

• What is the end result? You are testing all applications at once. This is an opportunity to fix things. Get better at testing. Take notes so testing can be reproduced.
• Two things are usually changed: Testing procedures and lack of documentation
• Coordinated deployment: communicate so that testing is identical to production. Make sure corporate group policy matches testing.
• Application Compatibility Toolkit 5.0 for application data, can use SMS, but some detail is not discovered
• ACT data collection - deploy agent then have it capture inventory and other data
• ACT is made to run in a production environment, so it is at a high level. It is not a low level diagnostic.
• Inventory checklist: OS Version, Service Pack Level, etc. Want to capture where it is and what is it used for.
• Make deployment role-based so structured roles can be done quickly.
• Must have an agent to collect data.
• ACT can not import SMS data at this point. They're working on it.
• The MSI to install the agent disappears quickly. Don't use it for inventory.
• Objective 1: The list - get a list of applications.
  • Define standards and conflict resolution rules.
  • Find all of the application stakeholders.
  • Prioritize applications.
  • Identify dependencies.
  • Sharepoint Services site can help share the data.
  
  
• Analysis best practices
  • Define objective standards
  • Define categories that are business goal-oriented
  • Keep task of who is assigned to categorization
  • Accept that some things won't change
  • Filter the dupes and other unneeded data
  
  
• http://www.appreadiness.com for third-party software.
• Objective 2: The Real List
  • Testing - Can you do all of the work for me?
  • Build a test environment - can be pilot machines, labs, terminal services
  • Define mitigation strategy
  • Test and remediate - SME defines strategy and does test, store test library, automate
  • Leverage partners for investigation
  • Don't test what you're not going to fix
  • Give the user a "buddy" who will work with them through the process
  • Repackage
  
  
• Remediation
  • Acquire updated versions
  • Manage shims if using them to fix without changing code
  
  
• Objective 3: The Completed List
  • Goal is zero-touch
  • Repackage applications - make sure you are ready for a silent install
  • Integrate core applications into the standard OS image - if it is on all desktops
  • Test application installation - Test and retest
  • Test all roles and combinations of applications
  
  
• Train your users
• Things to remember
  • Microsoft is making big progress is app compatibility.
  • Application compatibility is not trivial. Be prepared.
  • Help can be found in Application Compatibility Toolkit and Microsoft Deployment Toolkit
  
  
• Microsoft Assessment and Planning Toolkit for hardware compatibility
• http://www.technet.com/appcompat

Presented by Johan Arwidmark. This session was very lite-touch deploy focused. The previous content from the Advanced OS Deployment sessions might be of more value to you.

• No technical reason for having separate server and client tools
• Imaging considerations
  • Hardware - 32-bit and 64-bit, Intel and AMD
  • Software - Packaging, Time window allowed for deployment, Maintaining the image
  
  
• Distribution share
  
  • MDT 2008 - documented and well tested, requires some work, but is worth the effort
  • Use Lite Touch Deployment
  • wpeutil initializeNetwork to setup up network connection
  
  
• Drivers - MDT can inject drives based on PNPID, Driver Grouping, Per model, OS, or architecture, or custom
• Reference Image
  • Scripted setup for XP/2003 - Add Storage drivers then capture and image
  • Deploy Vista/2008 - Capture an image
  • Use virtual machines so there are no textmode drivers
  • Security - patch from WSUS server before capture
  
  
• Sysprep - add mass storage; Hotfixes in SP3 (audio: KB888111)
• Add storage drivers to sysprep.inf for STOP 0x7B - Don't use build mass storage, build your own
• Use Johan's HAL document from MyITForum.com
• Vista/2008 device drivers - ranking - "Treat all digitally signed drivers equally in the driver ranking process" group policy can be used to resolver driver installation issues - MSDN has an article that describes the driver ranking process
• Post-installation process
  • Let post-installation task sequence actions control the flow
  • Per hardware applications
  
  

Presented by Michael Niehaus Continued from part 3. Start in part 1.

• Why be dynamic?
  • Computer differences
  • User expectations
  • Simplify administration - minimize the number of task sequences
  • How? - Gather: preferably automatic; process: translate as required, review in advance if possible; consume: query during deployment
  
  
• What data sources?
  • MDT database - manually configure site, make/model, role, computer data - integrate ConfigMgr inventory to reinstall apps
  • ConfigMgr 2007 - Asset inventory, Manually configured computer and collection variables
  • Other sources - Asset management system, custom databases, web services, Ask user (wizard-based)
  • Use the best for you, could be multiple
  
  
• What is most important?
  • Usually list of apps to install on each computer
  • Basic requirements - identify what is installed, packages for each application, map of installed to reinstalled
  • Lots of other variables- see MDT configuration reference guide and ConfigMgr "OSD Task Sequence Variables"
  
  
• Task Sequence flow
  • Computer downloads policy
  • Task sequence begins executing with the first step - all steps can see and modify global variables
  • Collection variable challenges - for new computers, no inventory to query on; for new computers, object must replicate up to the site owning the collection before it can be added; no concept of a list; manually defined
  • Computer variable challenges - must be defined on the site owning the computer; do not replicate up of down; cannot be used in collection query rules; no lists; manually defined one at a time or scripted using custom script
  • Local variables challenges- some can be promoted to global; overriding global would affect all instances of the same type of step; some lists are numerically suffixed while others are comma-delimited
  • MDT database challenges - another database to maintain; maintained manually or with custom scripts; typically centralized; security challenges - not in domain when in PE; ADO required; MDT rules are usually "first value wins"
  
  
• MDT database details
  • can configure site settings, make/model, computer, role
  • general settings, applications to install, administrator group members, roles to add
  • Use deployment workbench MMC to configure
  • Queries to database are performed by Gather step, add rules to CustomSettings.ini
  • ZTI gather puts the values into variables
  • PackageMapping table - associates packages with Add/Remove Programs inventory
  • RetrievePackages stored procedure - uses inventory to select all packages to reinstall using the package mapping table - results in auto installation with optional upgrades
  
  
• Computer replacements: When querying database, use old computer MAC address
• Instead of ARP, use Asset Intelligence data - modify both above to look at that
• ConfigMgr Database details
  • Collections can be created based on site, make/model, role
  • Settings can be specified on the collections
  • for new computers, it would be a manual add
  • Computer settings can be specified directly on the computer object, but only at the site the computer reports to
  • Different objects - multiple independent lists for multiple collections each with its own prefix; merged at time of deployment; ZTICoalesce.vbs merges all together
  
  

Presented by Mike Niehaus and Tim Mintner. Continued from part 2. Start in part 1.

Deployment with Microsoft Deployment Toolkit

• MDT 2008 - use the method that works with what you have
• Created by the Solution Accelerator team
• MDT is a free download (http://www.microsoft.com/deployment)
• What does MDT do?
  • Seamless integration - integrates with ConfigMgr using the SDK
  • Additional features - Additional task sequence actions plus more scripts
  • Mix and match - choose only features that you want
  • Simplified migration - Moving from 2003 to ConfigMgr is simpler, still some recreation
  • Advanced monitoring - OpsMgr management pack for additional monitoring
  
  
• Features
  • Wizards - setup and configuration
  • Capabilities added to task sequence
  • Additional actions - scripts to perform tasks
  • Dynamic deployments - Unknown computers, web services, databases, computer variables, collection variables, conditions - see part 4 for more details
  
  
• Wizards
  • Created a single wizard to manage setup and config
  • Installed on computers where console is running
  • Import MDT task sequence action
    • Templates prebuilt for client replacement, client deployment, server deployment
    • Base task sequences allow for base OS captures
    • Can create a new boot image during process - allows addition of ADO, custom background, or extra folders
    • Must store scripts in a package - can specify here or create a new one
    • Can specifiy if you want a WIM image, complete image source directory, or use existing
    • Will build a ConfigMgr client package that will be used to install client
    • Can create a settings package for Vista
    • Can create a Sysprep package for Windows XP - use contents of Deploy.CAB
    
    
  • There is also a boot image wizard that does only that part of the process
  
  

• Dynamic State Capture Location
  • Capturing state location to network is expensive
  • Only use the State Migration Point when necessary - use local if possible
  • New action that will determine if local or remote is appropriate - USMT /estimate
  
  
• Configure Answer Files
  • Dynamically update OS configuration files per computer
  • Inject values stored in task sequence variables - if you can define where to put it, MDT can put it there
  • Preconfigured for common values - Domain, OU, time zone, area code, locale, language, full name, organization, product key, home page
  • XML so it is extensible
  
  
• Handle any scenario
  • One task sequence to handle everything - new, refresh, replace, reference computer
  • Any OS Type
  • Use conditions to control
  
  
• Backup
  • Create and image of the system before installing new
  • Script to run imagex to create WIM - stores local when possible - WIM could be huge
  • Caveats - can take a long time, ImageX is an imaging tool, not a backup tool, ideal for recovering data, not whole OS
  
  
• Other capabilities
  • Validation - don't deploy a server OS to client, ensure hardware requirements, decompress to the root of the drive
  • Prerequisites - Script Host and MSXML are working
  • BIOS check - block incompatible BIOS
  • Capture and restore local group membership
  • Tattoo the machine - Inventory deployment details
  • Enable DiskPart compatibility mode when needed (Windows XP or 2003) - KB931760 and 931761
  • Move state store - otherwise it is deleted when deployment completes
  • Copy logs - make them available on network share
  
  
• Task Sequence Actions
  • Use Toolkit Package - Custom UI and command that gets executed - takes care of getting file to computer - must have this for other actions
  • Gather - Sets variables that can be used in other steps - Local data from WMI - Rules can make decisions based on data
  • Validate - Perform hardware checks and prevent accidental deployments
  • Install updates offline - Apply patches to Vista or Server 2008 before first boot - can use existing package, applicability cannot be determined offline
  • Install language packs online or offline - create package that contains install - specify that package should be installed offline (Vista) or online (XP) - doc describes package structure
  • Install Roles and Features - Any available Server 2008 role, role service, or feature - a subset is supported for server core - Installation occurs after OS is installed - no config, just install
  • Configure ADDS - Automates DCPROMO (builds answer file) - supports new forests, domains, or DCs - other advanced properties
  • Configure DNS - Defines zones to create - primaries, secondaries, stub, advanced props
  • Configure DHCP - Creates address ranges and scopes
  
  
• Unknown computers - interim until R2
  • Two scenarios - Network boot, CD boot
  • Both work same way in a basic sense - add computer to ConfigMgr database, add to collection with advertised task sequence
  • PXE filter runs entirely on server - installed via wizard - configured by editing PXEFilter.vbs
  • Pre-execution hook (CD boot) - runs on client talking to web service - embedded in boot image - uses SLP request - Configured by editing web.config
  
  

I'll be working the MyITForum booth from 1:00-2:00; right after the mad book signing rush. Stop by and say hi if you're in the neighborhood.

Vice President - Global Foundation Services - Runs datacenters and networks

• Software + services
• The cloud is not a cloud - the cloud is just a series of datacenters
• Global Foundation Services
  • Live Search - 2.16 billion queries per month
  • MSN - 550m unique users - 10b page views
  • Windows Live - 1b+ authentications per day, Messenger: 8.2b messages daily
• Add 10,000 servers per month, 3x number of datacenters, 15x servers, 15x power
• I'm a desktop guy, so I'm already bored - notes will start getting sketchy as I check email, sleep, and generally drift mentally
• Datacenters are all about location - power availability
• Sustainability - Outside air cooling, hydro-electric power, "grey" water, reflective paint, server that use less power
• Server trends - Hardware: multi-core, Virtualization: using every server at capacity
• Containers - Storage container that stores a datacenter - can be wheeled in on demand- Microsoft calls them CBlox - a datacenter full of containers can contain 3x the watts per square foot
• Networks and trust -
• Manageability - They support multiple platforms so SCOM extensions are important to them too - measured on servers per server engineers: 5000:1 in a 200,000 server environment
• 1 trillion rows of performance data per day - 80,000 performance counters per day - 1m events per day

Presented by Michael Kelley. Some guy decided to answer his phone in the middle of this session. If you were him, stop it. It's rude. Continued from part 1.

• Multicast
  • Multicast of OS images to PE - no multicast for other packages, no multicast from PXE Service Point
  • Multicast is an option on the DP - requires Windows Server 2008 with WDS, builds on WDS
  • ScheduleCast - reaches minimum group size or maximum wait time
  • AutoCast - late joiners will catch up with parts they missed at end - less time delay, but less efficient
  • Only one Multicast session per image at a time - Multiple images at same time ok
  • DP lookups prefer multicast-enabled DPs
  • There are no remote multicasts
  
  
• Driver Catalog
  • Auto Apply Driver - scans hardware and transmits to site server, site server sends list of drivers down, client determines best driver and downloads correct ones from DP - puts drivers in Drivers folder, in subfolders for each, Windows PnP logic installs drivers as normal
  • Apply Driver Package - forces one driver to installed - for disconnected USB or Boot-critical drivers
  • Drivers can be in more than one package - Separate packages can be used to direct drivers to DPs, non-PnP drivers that can't be used in Auto Apply, Pre-Vista boot critical drivers
  • Use categories for driver lifecycle management
  
  
• Driver Versions
  • Catalog can hold different versions - different version is difference in any binary
  • Categories can be set in OSDAutoApplyDriverCategory
  
  
• Exe Drivers
  • Run exe an unpack and add resulting files to catalog
  • Run exe on reference computer an manually pull out INF
  • Check web-site for .inf
  • treat the install as a software distribution package
  
  
• Multi-level devices - Auto-apply drivers may not see child devices - Include both devices in same folder with parent device
• Boot-Critical devices - put drivers in separate drivers, select driver from combo box, or use build mass storage
• Get driver category GUID from View, Add/Remove Columns, add Category Unique ID in Drivers view in console
• Bare Metal and PXE
  • WDS is PXE server - For 2008 compatibility, use ConfigMgr SP1
  • Mixed and native modes will work, legacy will work
  • Install WDS, but don't configure
  • Add a PXE service point site role for that computer, creates a server share DP to hold boot images
  • Replicate boot images to PXE DP as well as to a regular DP
  • Must replicate x86 and x64 boot images
  • Check log file to troubleshoot - %program files%\SMS_XXX\logs\smspxe.log - look for PXE boot, found matching computer, found advertisement, used abortpxe.com because the adverisement already ran, ignore log entries for all "F" self-check run
  • Stop and restart WDS service
  
  
• Zero-Touch - Boot media, no way to get rid of wizard - PXE, Mandatory advertisement does not require F12, optional does
• Resetting PXE - ignored if same mandatory advertisement is pending, choose "Clear Last PXE Advertisement" action to force reapplication, optional always asks
• User Input - Task Sequence can't show UI - Collection and computer variables with no value will be prompted in R2 - In R1, use a pre-execution hook to use own UI, use Microsoft.SMS.TSEnvironment to script in VBS
• Pre-exec hook - create a tsconfig.ini, put in root of WinPE, use as boot image
• Unknown computers - MDT has an add-in for WDS that will fix in R1, R2 adds new resource type of unknown (x86 computer or x64 computer) - Task sequence advertised to collection for them - they will show up in Unprovisioned Computers node until deployment is complete - Must be enabled for PXE or Boot media
• Client Identity - Mixed mode: ConfigMgr Client in Full OS will retain identity, Bare Metal will apply conflict resolution rules (by default, new identity and old is obsolete; there can be a manual process in the "Conflicting Records node", Merge, New, or Block); Native Mode: based on PKI subject name
• State Migration
  • State Migration Point - Client can only use site migration point that are associated with the site they are assigned to - Can be protected - Admin controls disk space - Request State Store: finds an SMP with available space and sets OSDStateStorePath
  • USMT - 32-bit and 64-bit versions - wrapped by a task sequence - actions manage encryption key - specify more command line options in OSDMigrateAdditionalCaptureOptions
  • Computer Association entries for same computer or side-by-side